Discuss Defense in Depth. Provide different tactical concepts that apply to info

Question

Discuss Defense in Depth. Provide different tactical concepts that apply to information technology. Again, even though these are focused on security, each applies to IT. While you need to be familiar with all of them, for this assignment you should choose one to explain in your own words. Include an example that explains the concept. Justify why the principle is important for IT Strategy and Tactics. Find at least one additional reference for each one you choose. Rather than providing a paper, you are to create a PowerPoint presentation explaining the concept. It should contain 10-15 slides, including a title slide and a reference slide. You may include pictures, graphs, figures, or charts to help your discussion of the topic. Your final presentation product should be professional in format as if you are going to present it to upper management. Make sure to include your name, class number, and assignment number in your PowerPoint Title slide and give proper attention to formatting, spelling, grammar, and punctuation.

Explanation / Answer

Before understanding the meaning of Defense in Depth we must understand the term “Layered security” A layered security approach to security can be executed at any layer of a complete information security procedure. Whether you are accessing the single system form your home or you have thousands of employee enterprise with the wide area network, by using the layered approach with security mechanisms deployment can help improve your security

Dictionary definition of defense is “the effort of protecting from or resisting attack. Originally used in a military context. “Similarly in an information technology (IT) world Defense in depth also called as Castle Approach. Defense in depth is part of an Information Assurance (IA).

Information assurance (IA) is an idea where various zones of security controls (defense) are arranged everywhere an information technology (IT) system. Information assurance (IA) is the method of assuring information and controlling hazards related to the handling application, processing, storage, and transmission of information and the systems and methods used for those objects. Information assurance involves safeguard of the integrity, availability, authenticity, non-repudiation, and confidentiality of user data. Control fails or a vulnerability is utilized that can include perspectives of personnel, Organization procedural, technical and physical protection for the span of the system's life process.

There are three major Controls in Defense in depth

Following are the six strategies we need for the making network more secure:-

Strategy 1: Authenticate and authorize all network users.

Strategy 2: Deploy VLANs for traffic separation and coarse-grained security.

Strategy 3: Use state full firewall technology at the port level for fine-grained security.

Strategy 4: Place encryption throughout the network to ensure privacy.

Strategy 5: Detect threats to the integrity of the network and remediate them.

Strategy 6: Include end-point security in policy-based enforcement.

Related Questions

Navigate

• Browse (All)
• Browse D
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.